wow, that's not good. My SSH password is long and complex. Is there anything I can check? Logs or anything? And how do I delete those files now, they are refusing to delete. I tried by FTP and terminal. I cannot type the name so I typed rm -i * but the system comes up with an error message.
Edit: someone is definitely trying to getting in...
Jun 9 04:23:24 xxxxxxxx sshd[18388]: Failed password for root from 182.100.67.113 port 52274 ssh2
Jun 5 09:04:10 xxxxxxxx sshd[15205]: reverse mapping checking getaddrinfo for 150.0.47.59.broad.bx.ln.dynamic.163data.com.cn failed - POSSIBLE BREAK-IN ATTEMPT!
Yes, does not work. Even using rm -i won't work, the system should ask me confirmation and I should be able to say "yes" to what I want but no luck.
I believe I will let my CrashPlan to complete the upload first and then I will remove those files 🙂 What I need to know is: is it safe to do? Any chance they were created by some app?
Also, I could not see a successful access by SSH on the 8th - to be honest I doubt someone was able to get in, my password is not an easy one. Besides SSH, is there anywhere else I should look for clues of someone breaking in?
